SUSE Linux Enterprise Server 12 first look. Piotr Szewczuk

SUSE Linux Enterprise Server 12 first look. Piotr Szewczuk Senior consultant pszewczuk@suse.com

SUSE Linux Enterprise Server 12 The advanced foundation for mission critical workloads Increase uptime 2 Improve operational efficiency Accelerate innovation

Towards Zero Downtime Best Managed SUSE Linux Enterprise 12 Most Interoperable OS Made for Cloud 3

SUSE Linux Enterprise 12 Made for Cloud In Your Data Center In the Clouds Perfect Guest Available in Public Clouds Guest KVM & XEN Containers Host Dual Hypervisor Support 4 Cloud Hosts

Made for the Cloud Host Guest In Your Data Center 5 In the Clouds

SUSE Linux Enterprise 12 Made for Cloud Hypervisors Built-in Virtualization Host KVM Xen 6 I/O improvements, storage and network device hotplugging Microsoft Windows support Latency improvements, flexible partitioning Better fault handling, improved scalability and performance

More choices: broad ecosystem Latest Latest CPU CPU X86, Intel, AMD POWER, System z IHV ISV 7 Yes! certifications Thousands of ISV applications

SUSE Linux Enterprise 12 Common Code Base & Architectures SUSE Linux Enterprise platform Server Desktop SDK HA Cloud Binary Code Base Intel 64 IBM POWER IBM System z Common (Source) Code Base 8 Foundation for all SUSE products Fully supported core system Choose the right architecture for your workload

SUSE Linux Enterprise 12 introducing Kernel 3.12 The third release based on Linux kernel 3.x, Filesystems: XFS and btrfs: get the best from both worlds Support for XFS for massive storage btrfs as the default file system Virtualization: Linux Containers 9 Support Linux Containers (LXC) Better manageability and integration with hypervisors Docker as Technical Preview

SUSE Linux Enterprise 12 Technology Highlights 64-bit hardware is the future Virtualization Xen and KVM support 64-bit host; 64-bit and 32-bit guests UEFI Secure Boot 64-bit kernels only Execution of 32-bit applications fully supported via 32-bit execution environment on top of 64-bit kernel Refine implementation started with SUSE Linux Enterprise 11 SP3 Systemd replaces SysVInit Boot process Grub2 (bootloader), Dracut (initrd building) 10

Major Linux (local) Filesystems Feature Data/Metadata Journaling Journal internal/external Offline extend/shrink Online extend/shrink Inode-Allocation-Map Sparse Files Tail Packing Defrag ExtAttr / ACLs Quotas max. Filesystemsize max. Filesize ext 2/3 / / / / table / 16 TiB 2 TiB reiserfs / / / / u.b*-tree / 16 TiB 1 EiB xfs / / / / B+-tree / 8 EiB 8 EiB Default Filesystem for the data 11 ext4 / / / / table / 1 EiB 1 EiB btrfs CoW CoW / / B-tree / Subvol. 16 EiB 16 EiB Default Filesystem for the OS

SUSE Linux Enterprise 12 Filesystem recommendations Yes OS Purpose? New Filesystem? Data No xfs Type? reiserfs ext2/3/4 Yes Snapshots? No xfs btrfs Recommended Filesystems 12 Snapshots? Yes No ext3 4 Convert

btrfs Functionality Maturity Today Future Copy on Write Inode Cache Snapshots Auto Defrag Subvolumes RAID Metadata Integrity Compression Data Integrity Send / Receive Online metadata scrubbing Hot add / remove 13 Manual Defragmentation Seeding devices Manual Deduplication Multiple Devices Quota Groups Big Metadata

Btrfs Concepts: Subvolumes / /home /var/log Subvol (B-Tree) 14 Link Subvol (B-Tree) Independent B-Tree linked to some directory of the root subvolume A part of the file system Appears on file system as a directory Independently mountable Subvols on a Btrfs file system share the same device pool Independently snapshotable (copy B-Tree)

Btrfs Concepts: Snapshots / /home Clone B-Tree Subvol (B-Tree) 15 Clone B-Tree A record of the state of a subvolume CoW copy of another subvolume After creation, snapshot shares all raw data and metadata with parent (practically) unlimited in number Read Only, Writable and Nested (= snapshot of a snapshot ) Snapshots on the file system level

Btrfs Integration in YaST Partitioner 16

SUSE Linux Enterprise Lifecycle & Code Streams 2011 SLE10 SLE 11 2012 2013 2014 2015 2016 SP4 SP2 SLE 12 SP4 SP3 GA SP1 13-year lifecycle SUSE Linux Enterprise 12 For SLES 11 and SLES 12, 10 years general support, +3 years Long Term Support Long Term Service Pack Support for every Service Pack Tentative Dates subject to change 17

Lifecycle Model where are we going 10 years lifecycle + 3 years Extended Support 18 13-year lifecycle (10 years general support, 3 years extended support) Long Term Service Pack Support available for all versions, including GA

Best Managed Linux OS

SUSE Linux Enterprise 12 Best Managed Local Management Leading system installation technology YaST: the only integrated single system management solution in the Linux world Wicked: overhaul of network management Cope with increasingly complex configurations Benefits Network configuration as a service Smooth adoption & migration 20 CIM: Open and standardized interfaces

SUSE Linux Enterprise 12 Installer Reduced installation time and effort Manual Installation Possibility to install directly with updates thanks to early registration Improved Workflow, no second stage Early Network configuration Multiple UI options Automated AutoYaST Customized 21 Write your own modules in Ruby

SUSE Linux Enterprise 12 Installer Workflow SUSE Linux Enterprise 11 Installation Setup Install without updates Reboot Network Register Reboot Services Log-in Wait Update Wait SUSE Linux Enterprise 12 Installation Setup Network Wait Reboot 22 Log-in Register Install with updates

SUSE Linux Enterprise 12 Network Management Wicked Goal Cope with increasingly complex configurations Data Center and End Users Benefit Network configuration as a service Smooth adoption & migration Technical Attributes Architecture-independent Extensible Small footprint Event based 23

SUSE Linux Enterprise 12 Systemd Technical Attributes 24 systemctl reload restart start status stop... <my_service(s)>.service systemctl --lines=20 -l status apache2 systemctl enable disable apache2

Machinery The future of Systems Management

SUSE Linux Enterprise 12 Systems Management Advanced Systems Management Use Cases Physical to Virtual (P2V) or Physical to Cloud (P2C) migrations and server consolidation 11 12 OS and/or application modernization Disaster Recovery; (Backup and Restore) Building and maintaining a Golden Image for the datacenter (but desktop/branch office scenarios as well) Cluster/Scale-out scenarios 26

SUSE Linux Enterprise 12 Systems Management Advanced Systems Management 27

SUSE Linux Enterprise 12 Systems Management Advanced Systems Management 28 Tech Preview in SUSE Linux Enterprise 12 GA

Automated Deployment Model forward looking Various Output Formats System Inspection in Advanced Management Module KIWI YaST / AutoYaST Build...Test...Deploy Your Project 29

Interoperability

Interoperability 31 SCOM integration (Management) SAMBA: File & Print VM Driver pack for hyper-v VMware tools Integration

SUSE Linux Enterprise 12 Interoperability - Vision Network Virtualization and Cloud Operating Systems Interop Windows UNIX Linux Standards Compliance 32 IPv6 (USGv6) Accessibility Security (NIST, BSI)

SUSE Linux Enterprise 12 Interoperability - IPv6 Leading OS IPv6 compatibility and certification (USGv6) https://www.iol.unh.edu/services/testing/ipv6/usgv6tested.php Tested scenarios DHCP6 server and client IPv6 support in NFS Ensure IPv6 capabilities with UEFI network boot Network services System Installation & Patching over IPv6 Benefit Deploy and use in pure IPv6 environment Scale networks beyond IPv4 limitations Answer compliance needs 33

SUSE Linux Enterprise 12 Interoperability Samba 4 Better Distributed Filesystem (DFS) capabilities File Server Remote VSS Protocol (FSRVP) Server: integration with btrfs and Snapper Client Server-side copy enhancements (btrfs backend) Protocol enhancements Encryption SMB 3.0 negotiation Benefit Authentication with recent Windows / AD Servers Linux Server behaves as expected (FSRVP) 34

SUSE Linux Enterprise 12 Interoperability Samba 4 Write Write Clone Write Server-Side Range Server-Side Copy Copy Server-Side Read Read 35 Copy Read Traditional Copy Btrfs Enhanced Server-Side Copy

Towards zero downtime

Important workloads: unplanned downtime as often as 2+ per Year! https://www.suse.com/promo/zero-downtime/attaining-zero-downtime.html 37

Downtime is more than loss of revenue 38 Source: Forrester/Disaster Recovery Journal November 2013 Global Disaster Recovery Preparedness Survey

Towards Zero Downtime RAS High Availability System Rollback Live Patching Minimize downtime planned and unplanned 39

RAS Prevent Hardware Downtime

RAS: SUSE leading on Linux Reliability, Availability, Serviceability Interaction of hardware and operating system traditional UNIX capability, now in Linux SUSE key RAS capabilities on Linux for x86, Power as well as System Z, includes features for CPU error handling Hot-Add memory Memory error handling Integrated open source RAID (Redundant array of independent disks) 41

SUSE Linux Enterprise 12 RAS Benefits Choice of HW vendor System and applications survive hardware failure Integration into systems management frameworks Engineering excellence by early adoption of Kernel 3.x Future Migrate processes to more reliable memory/cpus 42

System Rollback Reduce Operational Downtime

Towards Zero Downtime System Rollback Goal: Go back to well-known system state Peace of mind for: Patch installation System admin tasks Components ZYpp Btrfs Default filesystem Snapper Grub2 boot loader integration 44

System rollback: improve resiliency Rollback to a good state with one click for faster recovery from planned or unplanned downtime with support for patch, service pack and kernel upgrade rollback 45

Snapper Btrfs integration Basic integration into Installer Btrfs as root fs Recommendation for subvolume layout Partitioner Create Btrfs Create subvolumes Tools Snapper manage snapshots Automatically create snapshots Display differences between snapshots Roll-back User Interfaces In development (GSoC) 46 CLI DBUS Graphical (YaST) GUI integration

Introducing Snapper CLI example Snapper headers: 47 Type : [ Pre Post Single ] # : Nr of snapshot Pre # : if type is Post the matching Pre nr. Date : timestamp Cleanup : cleanup algorithm for this snapshot Description : A fitting description of the snapshot (free text) Userdata : key=value pairs to record all sorts of useful information about the snapshot in an easily parsable format

Snapper Command Line # Description 48 Tools 1 List the currently available snapshots snapper list... 2 Show, which files differ in the snapshot pair created by yast users snapper status... 3 Show the difference only in /etc/shadow in the snapshot pair created by yast users snapper diff... 4 Undo a change remove unnecessary files in the user's home directory, e.g..xim.template snapper undochange... 5 Create your own snapshot and modify its description snapper create -d <description> snapper modify <num> 6 Add a Key-Value pair to an existing snapshot snapper modify --userdata <num> 7 Create your own snapshot pair snapper create --type pre... snapper list snapper create --type post --pre-number <n1>... 8 Change description and user data of some more of your snapshots snapper modify <num> 9 Rollback the full system to a former state snapper rollback <num> current

Towards Zero Downtime System Rollback - Future SUSE Linux Enterprise 12: Extended system integration Support for Service Pack rollback Support for Kernel Upgrade Full system rollback 49

High Availability Increase Service Availability

Towards Zero Downtime High Availability Status Fighting Murphy's Law Service failover at any distance from local to geo Up to 99.9999% availability Rolling updates for less planned downtime Easy setup, administration, management Virtualization agnostic Leading open source High Availability On par with proprietary products Secure the business! 51

Towards Zero Downtime High Availability Benefits Quickly and easily install, configure and manage clustered Linux servers Increase service availability for mission-critical systems and data Transparent to Virtualization nodes can be virtual or physical or mixed! Integrated with SUSE Linux Enterprise Server Meet Service Level Agreements 52

SUSE Linux Enterprise Live Patching Manage Without Downtime

SUSE Linux Enterprise Live Patching Technology kgraft What? Kernel Live Patching Designed and developed by SUSE Labs Ease of use: Builds on well known update processes Status? Currently integrated Upstream (=Kernel community) Competitive Advantage? Works with zero execution interruption As opposed to competition who stop the whole system (miliseconds to seconds range) when patching 54

SUSE Linux Enterprise Live Patching Kernel Live Patching Use Cases Mission Critical systems Improve general availability Run until the next maintenance window Help with deployment challenges No need to update all 10000+ systems at one shot, but be able to run until a specific state is reached See also: https://www.suse.com/communities/conversations/need-kgraft-2/ Caveat: Not all issues can be fixed using kgraft ; in special cases a reboot might be necessary 55

SUSE Linux Enterprise Live Patching Service Offering Service on top of SUSE Linux Enterprise Server 12¹ Starts with x86-64 architecture (other architectures may follow later) Business conditions similar to SUSE Linux Enterprise High Availability Customer needs Priority Support and PSE / DSE Principle: avoid different code streams per customer The customer will have to align their roll out strategy / timeline to our delivery and start-points of kgraft streams ¹ The offering will be limited to SUSE Linux Enterprise 12 only, i.e. not be available for SUSE Linux Enterprise 11 56

Live kernel patching Designed and developed by SUSE Labs Use Cases when bringing down the kernel is no option: In Memory Databases like SAP HANA Infrastructure systems always in use Simulations uninterupted for months Mission Critical workloads not downtime SUSE offers the only Linux solution that offers zero execution interruption 57 https://www.suse.com/communities/conversations/need-kgraft-2/

Questions? Thank you. 58

Unpublished Work of SUSE LLC. All Rights Reserved. This work is an unpublished work and contains confidential, proprietary and trade secret information of SUSE LLC. Access to this work is restricted to SUSE employees who have a need to know to perform tasks within the scope of their assignments. No part of this work may be practiced, performed, copied, distributed, revised, modified, translated, abridged, condensed, expanded, collected, or adapted without the prior written consent of SUSE. Any use or exploitation of this work without authorization could subject the perpetrator to criminal and civil liability. General Disclaimer This document is not to be construed as a promise by any participating company to develop, deliver, or market a product. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. SUSE makes no representations or warranties with respect to the contents of this document, and specifically disclaims any express or implied warranties of merchantability or fitness for any particular purpose. The development, release, and timing of features or functionality described for SUSE products remains at the sole discretion of SUSE. Further, SUSE reserves the right to revise this document and to make changes to its content, at any time, without obligation to notify any person or entity of such revisions or changes. All SUSE marks referenced in this presentation are trademarks or registered trademarks of Novell, Inc. in the United States and other countries. All third-party trademarks are the property of their respective owners.